We will also support secure SSL connections since this currently is a real world demand.
I appreciate the suggestions for the SMTP secure port I will review RFC 2476.
Brian Kirsch - Email Framework Engineer Open Source Applications Foundation 543 Howard St. 5th Floor San Francisco, CA 94105 (415) 946-3056 http://www.osafoundation.org
RL 'Bob' Morgan wrote:
OSAF for example has two ways to send SMTP mail via port 25 with a STARTTLS command and via port 465 with a direct SSL connection.
In fact the preferred method for MUAs to transfer mail to MTAs is using Submission (RFC 2476) on port 587. Many sites choose to encourage the use of this port for authenticated mail submission (so they don't have to mess with doing it on port 25 of their MTAs). It is true that port 25 is far more widely used for this purpose just because it always has been, but it is a good idea to support 587 also (and the procedures specified in 2476).
Some mail servers including OSAF's IMAP server, don't support the STARTTLS but allow an SSL connection on an alternative port so flexibility is the key.
Let me humbly suggest that it is inexcusable to ship an IMAP server in 2005 that doesn't support STARTTLS. STARTTLS is the standard method for a reason. The separate-port approach will unfortunately have to be supported forever probably, but it is just bad form to encourage it.
- RL "Bob"
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "Dev" mailing list http://lists.osafoundation.org/mailman/listinfo/dev
